Obtaining a Server Certificate from a Third-party CA

You can use the Web Server Certificate wizard to obtain a server certificate from a third-party certification authority (CA). The wizard generates a certificate request, which you then send to the CA. Some certification authorities require you to prove your identity before they process your request or issue a certificate.

Important

You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".

Procedures

To obtain a server certificate from a third-party certification authority

In IIS Manager, double-click the local computer, and then double-click the Web Sites folder.

Right-click the Web site or file for which you want to request a certificate, and then click Properties.

In the Web Server Certificate Wizard, on the Delayed or Immediate Request page, click Prepare the request now, but send it later. By default, the certificate request file is saved as C:\Certreq.txt, but the wizard allows you to specify a different location.

Complete the rest of the steps in the Web Server Certificate Wizard and then click Finish.

Send the request to the certification authority. The CA will process the request and then send you the certificate.